Software

q2: /10
Resolution (1 point for each, then map to a mark out of 10):
- Prepared statements in all SQL queries
- Check all input (whitelisting)
- Use htmlentities for all output originating from user input (even from the db)
- Suggests using https for the website to remove the possibility of sniffing cookies
- Update PHP (with documentation)
- Update Apache (with documentation)
- Update PostgreSQL (with documentation)
- Other...

Block Ciphers and Message Authentication Codes

q3c: /5
+ 1 point for showing an understanding of the image file format and how knowing it can help to break the message.
+ 1 point for a clear explanation of the vulnerability in the DES encryption mode (identical plaintext blocks result in identical ciphertext blocks).
+ 2 points for submitting scripts/documentation on how to break the cipher.
+ 1 point for recovering the secret message: "did you know that science is awesome?"

Public Key Cryptography

q4b: /10
+ 2 points for explaining the certificate authority setup script and explaining the important parts of a certificate (algorithms, issuer, validity period), including the DEMOCA files (p1)
+ 2 points for documenting the CSR answer script (including the newcert.pem file) (p2)
+ 2 points for creating and explaining CSR generation: generate keys, generate request (p3)
+ 1 point for getting a signed certificate from another team (p4)
+ 2 points for explaining the encryption script: extracting the public key, why the first attempt failed (p5)
+ 1 point for submitting the key file and the encryption files (p6)
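The ECB weakness graded in q3c (identical plaintext blocks give identical ciphertext blocks), as an added worked example that is not part of this marking scheme: a toy DES-sized Feistel cipher stands in for DES, the key, IV and image-like sample are constructed, and the repeated-block count is the check that separates ECB from CBC output.

```python
# Added example (not from the marking scheme): why a block cipher in ECB mode leaks structure.
# The cipher is a toy 8-byte (DES-sized) Feistel network with a SHA-256 round function; it is
# NOT DES and not secure, but the leak comes from the mode, so any deterministic cipher shows it.
import hashlib
from collections import Counter

BLOCK = 8  # DES block size in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Deterministic 8-byte block permutation (4-round Feistel): same input -> same output."""
    l, r = block[:4], block[4:]
    for rnd in range(4):
        l, r = r, _xor(l, hashlib.sha256(key + bytes([rnd]) + r).digest()[:4])
    return l + r

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """Blocks encrypted independently: identical plaintext blocks -> identical ciphertext blocks."""
    data = pkcs7_pad(data)
    return b"".join(toy_block_encrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Each block is XORed with the previous ciphertext block before encryption, hiding repeats."""
    data, out, prev = pkcs7_pad(data), [], iv
    for i in range(0, len(data), BLOCK):
        prev = toy_block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ct: bytes) -> int:
    """Ciphertext blocks that duplicate an earlier one; any non-zero count is the ECB tell."""
    counts = Counter(ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK))
    return sum(c - 1 for c in counts.values())

# Constructed image-like plaintext: a fixed 8-byte header at a known offset, then runs of
# identical "pixel" bytes. Under ECB the header and the two pixel values map to just three
# distinct ciphertext blocks, so the picture's layout stays visible in the ciphertext.
SAMPLE = b"BMHEADER" + b"\x00" * 64 + b"\xff" * 64 + b"\x00" * 64
KEY = bytes.fromhex("1337cafedeadbeef")  # constructed key
IV = bytes.fromhex("0102030405060708")   # constructed IV

print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, SAMPLE)))      # 22
print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, IV, SAMPLE)))  # 0
```

Knowing the file format (as the first q3c point rewards) tells the analyst which ciphertext block is the header and where the pixel data starts, which is why the repeated-block pattern maps so directly back onto the image.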